Mobile phone authentication method using implicit authentication

ABSTRACT

Provided is a mobile phone authentication method using implicit authentication, the method including the steps of: by a server, receiving behavior data and environment information data from a user terminal when a user checks an authentication number for authentication of a mobile phone user; by the server, detecting a start point of a behavior of the user for checking the authentication number by performing peak detection in the received behavior data, and storing behavior data from the detected start point; and by the server, extracting feature data from the received environment information data and learning the extracted feature data to build a learning model.

TECHNICAL FIELD

This disclosure relates to a mobile phone authentication method usingimplicit authentication, and more particularly, to a technology foridentifying and authenticating a user in mobile phone authenticationusing a short message service (SMS).

BACKGROUND ART

Recently, an authentication method using a mobile phone is being widelyused to identify a user online, such as signing-up for a specificwebsite, payment in an Internet shopping mall or a financial transactionthrough a financial institution web.

In the mobile phone authentication method, a resident registrationnumber and a mobile phone number of a user are input into a providedauthentication page, and then user authentication is performed bychecking the occupancy of user's mobile phone through the input of anauthentication number transmitted to the mobile phone of the user.

More specifically, when performing user authentication, the mobile phoneauthentication system provides an authentication page to the userthrough a web browser or the like, receives user information (a residentregistration number, a communication company name, a mobile phonenumber, or the like) on the provided authentication page, and transmitsthe received user information to a server.

Accordingly, the server accesses a communication company server of thecommunication company to which the user has subscribed based on theinput user information, and compares the input user information withuser information such as the resident registration number and the mobilecommunication terminal number of the user, stored in the communicationcompany server, to determine whether the user information matches. Inthis case, if it is determined that the user information is matched, amessage including an authentication number according to userauthentication is sent to a terminal of the user through a mobilecommunication network of the communication company server.

After that, if the user inputs the authentication number sent throughthe authentication page, user authentication is completed.

However, in the mobile phone authentication method as described above,if a person other than the legitimate user steals the mobile phone ofthe user and performs authentication, it is not possible to prevent theauthentication by the person other than the legitimate user becausethere is no way to figure out this situation.

In addition, this conventional method is very vulnerable to an attack ofstealing an SMS authentication by smishing or the like.

Therefore, it is suggested to installing an SMS authentication securityapplication (APP) on the mobile phone of the user and use theapplication when authenticating the user, in order to prevent the mobilephone from being fraudulently used through application login and alsoprevent the SMS authentication number or the like from being stolen.

However, if an application is used, the user must use the applicationwhen authenticating the user, which is more cumbersome than the existingmethod of using an authentication page, so the method using anapplication is not widely used.

Meanwhile, the background art of the present disclosure is disclosed inKorean Unexamined Patent Publication No. 10-2013-0128089 (Nov. 26,2013).

DISCLOSURE Technical Problem

The present disclosure is designed to solve the problems of theconventional mobile phone authentication method as described above, andthe present disclosure is directed to providing a mobile phoneauthentication method using implicit authentication, which enables auser to be identified in authentication of a mobile phone user using animplicit authentication technology.

Technical Solution

A mobile phone authentication method using implicit authenticationaccording to an aspect of the present disclosure comprises: by a server,receiving behavior data and environment information data from a userterminal when a user checks an authentication number for authenticationof a mobile phone user; by the server, detecting a start point of abehavior of the user for checking the authentication number byperforming peak detection in the received behavior data, and storingbehavior data from the detected start point; and by the server,extracting feature data from the received environment information dataand learning the extracted feature data to build a learning model.

In the present disclosure, the behavior data may be three-axisacceleration data of the user terminal and three-axis gyro sensor dataof the user terminal, sampled according to a set cycle.

In the present disclosure, the step of detecting a start point of abehavior and storing behavior data from the detected start point mayinclude: by the server, normalizing the received behavior data; andcalculating a mean value for each data in the behavior data receivedmultiple times.

In the present disclosure, the environment information data may includeat least one of device information, wireless access point (AP)information. Bluetooth information and GPS information.

In the present disclosure, in the step of extracting feature data andlearning the extracted feature data to build a learning model, theserver may extract the feature data by comparing the receivedenvironment information data with environment information dataregistered previously.

In the present disclosure, the learning model may be an auto-encodertype model.

In the present disclosure, before the step of receiving behavior dataand environment information data, the method may further comprise: bythe server, sending the authentication number and a request fortransmission of behavior data and environment information data to theuser terminal.

In the present disclosure, the behavior data may be received and storedaccording to each posture of the user terminal classified in advance.

A mobile phone authentication method using implicit authenticationaccording to another aspect of the present disclosure comprises: by aserver, receiving a request for authentication of a mobile phone userfor a user terminal; by the server, sending an authentication number anda request for transmission of behavior data and environment informationdata to the user terminal; by the server, determining a posture of theuser terminal by using received behavior data; by the server, detectinga start point of a behavior of the user for checking the authenticationnumber by performing peak detection in the received behavior data; bythe server, calculating a degree of accordance or discordance bycomparing the behavior data from the detected start point with behaviordata according to the determined posture of the mobile phone amongbehavior data stored in advance; by the server, calculating reliabilityby inputting the received environment information data to a learningmodel built in advance; and by the server, determining whether userauthentication is successful based on the calculated degree ofaccordance or discordance and the calculated reliability.

In the present disclosure, the step of detecting a start point mayinclude by the server, normalizing the received behavior data.

In the step of calculating a degree of accordance or discordanceaccording to the present disclosure, the server may calculate the degreeof accordance or discordance by using dynamic time warping.

In the step of calculating reliability according to the presentdisclosure, the server may extract feature data from receivedenvironment information data and calculate reliability by inputting theextracted feature data to the learning model.

Advantageous Effects

The mobile phone authentication method using implicit authenticationaccording to the present disclosure checks whether behavior data andenvironment information data of the user performing authentication of amobile phone user are matched with data of a registered user, in orderto prevent the user authentication from being passed by fraudulent useof the mobile phone by a person other than the user without requiring anadditional operation of the user.

DESCRIPTION OF DRAWINGS

FIG. 1 is a diagram schematically showing a system in which a mobilephone authentication method using implicit authentication according toan embodiment of the present disclosure is performed.

FIG. 2 is a flowchart for illustrating an authentication dataconstruction process in the mobile phone authentication method usingimplicit authentication according to an embodiment of the presentdisclosure.

FIGS. 3 to 5 are diagrams for illustrating a behavior data registrationprocess in the mobile phone authentication method using implicitauthentication according to an embodiment of the present disclosure.

FIG. 6 is a diagram for illustrating a process of generating anenvironment information learning model in the mobile phoneauthentication method using implicit authentication according to anembodiment of the present disclosure.

FIG. 7 is a flowchart for illustrating a mobile phone authenticationmethod using implicit authentication according to an embodiment of thepresent disclosure.

BEST MODE

Hereinafter, an embodiment of a mobile phone authentication method usingimplicit authentication according to the present disclosure will bedescribed with reference to the accompanying drawings. Here, thethickness of lines or the size of components shown in the drawings maybe exaggerated for clarity and convenience of description. In addition,terms to be described later are defined in consideration of functions inthe present disclosure and may be changed according to the intention orcustom of users and operators. Therefore, these terms should be definedbased on the contents throughout this specification.

FIG. 1 is a diagram schematically showing a system in which a mobilephone authentication method using implicit authentication according toan embodiment of the present disclosure is performed.

As shown in FIG. 1 , a mobile phone authentication method using implicitauthentication according to an embodiment of the present disclosure isperformed by interaction between a user terminal 100 and a server 200.Here, the user terminal 100 may be a mobile phone of a user and mayinclude a smart watch of the user terminal 100 if the mobile phone isinterlocked with the smart watch. Also, the server 200 may be anauthentication server that performs identification of a mobile phoneuser.

In addition, in the operational configuration according to the presentdisclosure, a website server for providing an authentication page, acommunication company server for checking user authenticationinformation, or the like may operate in connection with the aboveconfiguration.

Meanwhile, in order to perform the mobile phone authentication methodusing implicit authentication according to this embodiment, the userterminal 100 may be configured to transmit behavior data of the user(or, user behavior data) and environment information data to the server200.

At this time, the user behavior data may be data output from anacceleration sensor (a sensor that measures the acceleration of themobile phone itself) and a gyro sensor of the mobile phone. In otherwords, the user behavior data is data about the behavior performed bythe user to check an authentication number, and in the mobile phoneauthentication method using implicit authentication according to thisembodiment, implicit authentication is performed using a behaviorpattern of the user when the user checks the authentication number.Here, the acceleration sensor and the gyro sensor of the mobile phonemay be a 3-axis acceleration sensor and a 3-axis gyro sensor,respectively.

In addition, the environment information data is data about thesurrounding environment where mobile phone authentication is performedand the user terminal 100, and may include device information (a brand,a manufacturer, a device model, a serial number, or the like), wirelessaccess point (AP) information, Bluetooth information, GPS information,and the like.

The user terminal 100 may be configured to transmit the aboveinformation to the server 200 according to a request of the server 200.For example, an application (APP) for transmitting the above informationmay be installed at the user terminal 100, or the user terminal 100 mayalso be equipped with the information transmission function when beingshipped.

FIG. 2 is a flowchart for illustrating an authentication dataconstruction process in the mobile phone authentication method usingimplicit authentication according to an embodiment of the presentdisclosure, FIGS. 3 to 5 are diagrams for illustrating a behavior dataregistration process in the mobile phone authentication method usingimplicit authentication according to an embodiment of the presentdisclosure, and FIG. 6 is a diagram for illustrating a process ofgenerating an environment information learning model in the mobile phoneauthentication method using implicit authentication according to anembodiment of the present disclosure. The user registration process formobile phone will be described with reference to FIGS. 2 to 6 .

In a user registration process for mobile phone authentication, theserver 200 may provide a user registration webpage or the like so thatan operation such as mobile phone user authentication may be performedlater. That is, the user may perform user registration by entering anauthentication number on a user registration webpage through anauthentication number verification process, and this user registrationprocess may be performed in the form of collecting data multiple timesfor each posture of the user terminal 100.

That is, in this embodiment, an acceleration sensor value and a gyrosensor value may be used as the user behavior data, and these data maybe differently represented for each posture of the user terminal 100.Accordingly, in this embodiment, a plurality of postures of the userterminal 100 may be classified in advance, and the user behavior datamay be registered for each posture. Here, the posture of the userterminal 100 may be classified into a case where the mobile phone isplaced on an object such as a table, a case where the user is holdingthe mobile phone in hand, a case where the authentication process isperformed through the mobile phone in the pocket of the user, or thelike, and the user may proceed with user registration by performing anaction according to each posture set in advance.

During the authentication process, the server 200 transmits anauthentication number and a signal for requesting behavior data andenvironment information data to the user terminal 100, and the user mayperform an action according to the designated posture of the mobilephone to check the authentication number so that user registration isperformed.

Accordingly, as shown in FIG. 2 , the server 200 receives user behaviordata and environment information data for each posture of the mobilephone from the user terminal 100 (S200). That is, the server 200collects behavior data and environment information data as describedabove for user registration.

Meanwhile, in this process, the user terminal 100 may sample dataaccording to a preset cycle (e.g., 10 ms) and transmit the data to theserver 200.

Thereafter, the server 200 detects a start point of the behavior of theuser to check the authentication number through peak detection in thereceived behavior data, and stores the behavior data from the detectedstart point (S210).

This behavior data registration process will be described as followswith reference to FIGS. 3 to 5 .

The server 200 may process the received data to perform data comparisonand analysis, and as shown in FIG. 3 , the server 200 may normalize thereceived behavior data first. That is, the server 200 may convert sensordata into a value between 0 and 1 by performing maximum and minimumscaling (Min Max Scaling).

In addition, as shown in FIG. 4 , the server 200 may calculate a meanvalue for each data (x-axis, y-axis and z-axis acceleration sensorvalues and x-axis, y-axis and z-axis gyro sensor values) from thereceived behavior data (or the normalized behavior data), and performdata processing using the calculated mean value. That is, as describedabove, the behavior data may be received multiple times for each postureof the mobile phone, so the data may be processed through averaging.

Finally, as shown in FIG. 5 , the server 200 may detect the start pointof the behavior of the user to check the authentication number throughpeak detect in the data processed with the mean value. Here, the peakdetection may be performed by detecting a point in which the rate ofchange of data is equal to or greater than a preset reference value,comparing a mean rate of change of data in a certain region with areference value, or the like, and various other methods may also beused.

The server 200 may store the behavior data from the detected startpoint. The server 200 may set a peak point as the start point, but inorder to prevent data loss related to the behavior of the user to verifythe authentication number, the server 200 may also set a point before acertain number (e.g., 4) as the start point of the behavior.

Meanwhile, as described above, the behavior data may be stored for eachposture of the mobile phone.

In addition, the server 200 extracts feature data from the receivedenvironment information data, and inputs the extracted feature data toan auto-encoder (AE) to perform learning (S220).

As described above, the environment information data is data about thesurrounding environment where the mobile phone authentication isperformed and the user terminal 100, and may include device information(a brand, a manufacturer, a device model, a serial number, or the like),wireless access point (AP) information (BSSID (MAC address of thewireless AP). RSSI (signal intensity)), Bluetooth information (MACaddress, RSSI). GPS information (latitude, longitude), and the like.

The server 200 first processes the environment information data toextract feature data. For example, the server 200 may extract acharacter string that combines the brand, the manufacturer and thedevice model name, BSSID of three wireless APs with strong signalstrength and RSSI thereof, Bluetooth MAC of the user terminal 100, orthe like.

In addition, the server 200 may register the character string thatcombines the brand, the manufacturer and the device model name, theBSSID of three wireless APs with strong signal strength, the BluetoothMAC of the user terminal 100, or the like, in order to extract featuredata.

Subsequently, the server 200 extracts feature data by comparingpreviously registered environment information data with the newlyinputted environment information data.

For example, if the character string (the character string that combinesthe brand, the manufacturer and the device model name) in the newlyentered device information is matched with the previously registeredcharacter string, the server 200 may extract 100 as feature data, and ifthey are not matched, the server 200 may extract 0 as the feature data.

If the BSSID of the newly entered wireless AP is already registered.RSSI for the corresponding BSSID may be extracted as feature data, andif not registered, −100 may be extracted as feature data.

If the address of the newly entered Bluetooth MAC is already registered,RSSI for the MAC may be extracted as feature data, and if notregistered, −100 may be extracted as feature data.

In addition, the latitude and longitude of the user terminal 100 may beextracted as feature data as they are.

The server 200 may configure a feature vector of the extractedenvironment information and learn the feature vector to generate alearning model. In this way, the server 200 may generate and store alearning model for the environment information.

That is, the server 200 may perform environment informationauthentication using a deep learning technique, and specifically, theserver 200 may construct an auto-encoder (AE) model by learning theextracted feature vector.

The AE has a structure as shown in FIG. 6 and is a type of FNN(Feedforward Neural Network), which is a neural network that learnsinherent characteristics of data. Specifically, the AE is a learningmodel that is trained to generate an output value similar to an inputvalue, and the AE generates an output value with high similarity for aninput value similar to the learned data, but an output value for aninput value that is not similar to the learned data has low similarity.h=σ ₁(Wx+b),z=σ ₂(W′h+b′),L(x,z)=∥x−σ ₂(W′(σ₁(Wx+b))+b′)∥²  [Equation 1]

The learning method of the AE may be explained using Equation 1. InEquation 1, h is a result obtained by encoding input data x through theAE, z is a result obtained by decoding h, σ₁ and σ₂ are activationfunctions, and L is a loss function. The learning process of the AE inthis equation is a process of finding W and W′ that minimizes the lossfunction, and if similar data are repeatedly input. W and W′corresponding to the characteristics of the data may be calculated.

In other words, if learning is performed by inputting a plurality ofdata with similarity, the AE outputs data with high similarity betweenthe input value and the output value for the input value similar to thelearned data, but for input values not similar to the learned data, theAE outputs data with low similarity between the input value and theoutput value, i.e., with high dissimilarity.

Meanwhile, for this comparison, the input environment data is registeredin the server 200, and environment information input for the first timemay be processed as all features are matched.

Meanwhile, in the present disclosure, the learning model may beconfigured to continuously learn data inputted during mobile phoneauthentication, explained later.

Meanwhile, in the present disclosure, the order of the step S210 and thestep S220 is not fixed, so the order of the steps may be changed or bothsteps may be simultaneously performed in parallel.

FIG. 7 is a flowchart for illustrating a mobile phone authenticationmethod using implicit authentication according to an embodiment of thepresent disclosure.

As shown in FIG. 7 , when a request for authentication of a mobile phonefor the user terminal 100 is received (S300), the server 200 sends anauthentication number to the corresponding user terminal 100 andrequests transmission of behavior data and environment information data(S310). That is, if there is a request for authentication of the mobilephone, the server 200 may transmit the authentication number to the userterminal 100 and also request for transmission of data required fordetermining whether the user is a legitimate user. At this time, thebehavior data and the environment information data may be requested andreceived in the same manner as the user registration process of FIG. 2described above.

Thereafter, the server 200 determines the posture of the mobile phoneusing the received behavior data (S320). That is, since the trend of thebehavior data is shown differently according to each posture of themobile phone, the server 200 may analyze the behavior data and determinethe posture of the mobile phone as one of preset postures.

At this time, the posture may be analyzed through supervised learningmachine learning using a support vector machine (SVM). Theclassification technology of data using SVM is already well known in theart and thus will not be described in detail here.

In addition, the server 200 detects a start point of the behavior takenby the user to check the authentication number through peak detectionfor the behavior data (S330).

That is, the server 200 may detect the start point of the behaviorperformed by the user to check the authentication number in the samemanner as the step S210 described above, and for this purpose, theserver 200 may perform a data normalization process.

Thereafter, the server 200 compares the received behavior data withbehavior data stored for the determined posture of the mobile phone bymeans of dynamic time warping (DTW) (S340).

That is, the server 200 may numerically calculate the degree ofaccordance or discordance between both data by comparing behavior datacorresponding to the determined posture of the mobile phone amongbehavior data stored for each posture of the mobile phone with the dataafter the behavior start point in the received behavior data.

For example, the server 200 may calculate the degree of accordance ordiscordance between both data sets by using the DTW as described above,as will be described below more specifically.

DTW starts by constructing an n-by-m matrix given when two time seriesdata of length n and in (i.e., the stored behavior data and the receivedbehavior data), R=r₁, r₂, . . . , r_(i), . . . , r_(n) and S=s₁, s₂, . .. , s_(j), . . . s_(m). The (i, j)^(th) element of the matrix containsthe distance between two points r_(i) and s_(j). The warping path W isdefined as a contiguous set of matrices defined by the mapping between Rand S. The k^(th) element of W is defined as w_(k)=(i, j)_(k), and W=w₁,w₂, . . . , w_(k) satisfying max(m, m)<=K<=(m+n+1) may be obtained.There are many warping paths that satisfy this, but a path thatminimizes warping cost is used as shown in Equation 2 below.

$\begin{matrix}{{DT{W\left( {R,S} \right)}} = {\min\left\{ \sqrt{\sum\limits_{k = 1}^{K}{w_{k}/K}} \right\}}} & \left\lbrack {{Equation}2} \right\rbrack\end{matrix}$

Here, K in the denominator is used to compensate for the fact that thewarping path can have various lengths.

This path may be found through recurrence calculation using Equation 3below, defining the distance d(i, j) found in a current cell and γ(i,j), which is the minimum cumulative distance of adjacent elements.γ(i,j)=d(r _(i) ,s _(j))+min(γ(i−1,j−1),γ(i−1,j),γ(i,j−1))  [Equation 3]

In addition, the server 200 may calculate the DTW value for each data(x-axis, y-axis and z-axis acceleration sensor values and x-axis, y-axisand z-axis gyro sensor values) and calculate the sum of them. The sumcalculated in this way is expressed as S_DTW.

In addition, the server 200 calculates reliability by inputting thereceived environment information data into the learning model (S350).

Specifically, the server 200 may calculate reliability by extractingfeature data from the received environment information data andinputting the extracted feature data into the learning model built inthe step S220.

At this time, the process of extracting the feature data may be the sameas the above step S220.

$\begin{matrix}{{confidence} = {1 - \frac{{loss}_{c}}{\max\left( {loss}_{e} \right)}}} & \left\lbrack {{Equation}4} \right\rbrack\end{matrix}$

This reliability may be calculated as in Equation 4, where loss_(c) isthe loss for newly entered environment data and max(loss_(e)) is themaximum loss that can be obtained by inputting a feature vector,extracted when the received environment information data and registeredenvironment information data are not entirely matched, into the userenvironment model.

Here, the loss may be a mean squared error of the value output from thelearning model and the value input to the learning model, but it is alsopossible to use various values capable of representing dissimilaritybetween the value output from the learning model and the value input tothe learning model as the loss value.

Subsequently, the server 200 determines whether the authentication issuccessful by combining the DTW result of the step S340 with thereliability calculated in the step S350 (S360).

That is, if the DTW result (S_DTW) of the step S340 has a large value orthe reliability calculated in the step S350 has a small value, theserver 200 may determine that user authentication fails, and processesas authentication failure (even if the user inputs the correctauthentication number).

Specifically, for example, if the calculated value (score) is less thanor equal to a predefined threshold, the server 200 may process as anauthentication success, and if the calculated value (score) is largerthan the predefined threshold, the server 200 may process as anauthentication failure.

Meanwhile, in this embodiment, the step S320 and the step S330 may beperformed simultaneously or sequentially regardless of the order, andthe step S340 and the step S350 may also be performed simultaneously orsequentially regardless of the order.

The present disclosure has been described with reference to theembodiment shown in the drawings, but this is only illustrative, and itwill be understood by those skilled in the art that variousmodifications and other equivalent embodiments can be made therefrom.Therefore, the technical protection scope of the present disclosureshould be determined by the appended claims.

The invention claimed is:
 1. A terminal authentication method usingimplicit authentication, the method comprising: sending, by a server, anauthentication number and a request for transmission of behavior dataand environment information data to the user terminal; by a server,receiving behavior data and environment information data from a userterminal for when a user checks an authentication number for userauthentication of the user terminal; by the server, detecting a startpoint of a behavior of the user terminal for checking the authenticationnumber by performing peak detection in the received behavior data, andstoring the behavior data from the detected start point; and by theserver, extracting feature data from the received environmentinformation data and learning the extracted feature data to build alearning model, wherein the behavior data is received and storedaccording to each posture of the user terminal classified in advance,wherein the detecting the start point of the behavior and the storingthe behavior data from the detected start point comprises: by theserver, normalizing the received behavior data; and calculating a meanvalue for a plurality of the received behavior data for each posture ofthe user terminal; by the server, calculating a degree of accordance ordiscordance using dynamic time warping by comparing the behavior datafrom the detected start point with the behavior data according to thedetermined posture of the user terminal among behavior data stored inadvance; wherein the calculating the degree of accordance or discordanceusing dynamic time warping comprises by the server, comparing thebehavior data from the detected start point with a mean value for aplurality of behavior data stored in advance for the determined postureof the user terminal; by the server, calculating reliability byinputting the received environment information data to a learning modelbuilt in advance; and by the server, determining whether the userauthentication is successful based on the calculated degree ofaccordance or discordance and the calculated reliability.
 2. Theterminal authentication method of claim 1, wherein the behavior dataincludes three-axis acceleration data of the user terminal andthree-axis gyro sensor data of the user terminal, sampled according to aset cycle.
 3. The terminal authentication method of claim 1, wherein theenvironment information data includes at least one of deviceinformation, wireless access point (AP) information, Bluetoothinformation, and global positioning system (GPS) information.
 4. Theterminal authentication method of claim 3, wherein in the extracting thefeature data and learning the extracted feature data to build thelearning model, the server extracts the feature data by comparing thereceived environment information data with environment information dataregistered previously.
 5. The terminal authentication method of claim 1,wherein the learning model is an auto-encoder type model.
 6. A terminalauthentication method using implicit authentication, the methodcomprising: by a server, receiving a request for user authentication fora user terminal; by the server, sending an authentication number and arequest for transmission of behavior data and environment informationdata to the user terminal; by the server determining a posture of theuser terminal by using the received behavior data; by the server,detecting a start point of a behavior of the user terminal for checkingthe authentication number by performing peak detection in the receivedbehavior data; wherein the detecting the start point comprises by theserver, normalizing the received behavior data; by the server,calculating a degree of accordance or discordance using dynamic timewarping by comparing the behavior data from the detected start pointwith the behavior data according to the determined posture of the userterminal among behavior data stored in advance; wherein the calculatingthe degree of accordance or discordance using dynamic time warningcomprises by the server, comparing the behavior data from the detectedstart point with a mean value for a plurality of behavior data stored inadvance for the determined posture of the user terminal; by the server,calculating reliability by inputting the received environmentinformation data to a learning model built in advance; and by theserver, determining whether the user authentication is successful basedon the calculated degree of accordance or discordance and the calculatedreliability.
 7. The terminal authentication method of claim 6, whereinin the calculating the reliability, the server extracts feature datafrom the received environment information data and calculates thereliability by inputting the extracted feature data to the learningmodel.